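<?php
/**
 * Registration page.
 *
 * Handles the sign-up form post (captcha check, user name and password
 * validation, creation of the user row and its purchases row) and renders
 * the form together with any validation messages.
 */
session_start();

// A signed-in visitor has no business on the sign-up form. Stop right after
// the redirect header: without exit the rest of the script (including the
// INSERT below) would still run for this request.
if (isset($_SESSION['user'])) {
    header('Location: home.php');
    exit;
}

include_once 'dbconnect.php'; // expected to define the PDO handle $db used below
include_once 'serial.php';    // expected to define $serial, the account recovery code

$error = false;

// Defaults so the template below never reads an undefined variable.
$name = '';
$nameError = '';
$passError = '';
$captchaError = '';

// Reads one POST field as a string; a missing field or an array-valued field
// (name[]=...) yields '' instead of reaching trim()/strlen() as a non-string.
$postString = static function ($key) {
    return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
};

// Escapes a value for HTML text and quoted-attribute context. Escaping is done
// here, at output time, rather than on the way in.
$escapeHtml = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

if (isset($_POST['btn-signup'])) {
    // SQL injection is prevented by the bound parameters used for every query
    // below, so the values are not passed through strip_tags(),
    // htmlspecialchars() or mysql_real_escape_string() (the latter no longer
    // exists in PHP 7+). Those calls altered what was stored without adding
    // protection.
    $name = trim($postString('name'));
    $captcha = trim($postString('captcha'));

    // The password is hashed exactly as typed: stripping or escaping characters
    // would silently change (and weaken) the secret the user chose.
    // NOTE(review): login.php is not shown; it must verify the same unmodified
    // input, e.g. with password_verify().
    $pass = $postString('pass');

    // Captcha validation. The expected value is consumed before comparing so
    // that one solved captcha cannot be replayed for further registrations;
    // captcha.php is presumably what stores a fresh value when the image is
    // rendered again.
    $expectedCaptcha = isset($_SESSION['captcha']) ? (string) $_SESSION['captcha'] : '';
    unset($_SESSION['captcha']);

    if ($captcha === '') {
        $error = true;
        $captchaError = "Please enter captcha";
    } elseif ($expectedCaptcha === '' || !hash_equals($expectedCaptcha, $captcha)) {
        // hash_equals() is a strict string comparison; the loose != used before
        // treats numeric-looking strings such as "0e1" and "0e2" as equal.
        $error = true;
        $captchaError = "Please enter correct captcha";
    }

    // Name validation: 3 to 15 ASCII letters or digits.
    if ($name === '') {
        $error = true;
        $nameError = "Please enter your name.";
    } elseif (strlen($name) < 3 || strlen($name) > 15) {
        $error = true;
        $nameError = "Name must be 3 to 15 characters long.";
    } elseif (!preg_match('/\A[a-zA-Z0-9]+\z/', $name)) {
        $error = true;
        $nameError = "Name may contain only letters and numbers.";
    } else {
        // Duplicate-name check. fetch() is used instead of rowCount(), which
        // PDO does not guarantee for SELECT statements on every driver.
        // NOTE(review): check-then-insert is racy; only a UNIQUE index on
        // users.userName (schema not shown) really guarantees uniqueness.
        $select = $db->prepare("SELECT userId FROM users WHERE userName = :username");
        $select->bindValue(':username', $name, PDO::PARAM_STR);
        $select->execute();
        if ($select->fetch() !== false) {
            $error = true;
            $nameError = "Name already exist!";
        }
    }

    // Password validation.
    if ($pass === '') {
        $error = true;
        $passError = "Please enter password.";
    } elseif (strlen($pass) < 6) {
        $error = true;
        $passError = "Password must have atleast 6 characters.";
    }

    // If there is no error, continue to signup.
    if (!$error) {
        // password_hash() picks a valid cost and salt itself. The hand-built
        // '$2a$xx$...' setting string had a non-numeric cost, for which crypt()
        // returns a failure marker instead of a hash. The result is still a
        // crypt()-compatible bcrypt string.
        $password = password_hash($pass, PASSWORD_DEFAULT);

        $res = false;
        if (is_string($password)) {
            // NOTE(review): $serial is stored as-is in userCode. If it acts as
            // a recovery credential it deserves password-like treatment (hashed
            // at rest) -- confirm against the recovery flow, which is not shown.
            $sql = "INSERT INTO users(userName,userPass,userCode) VALUES(:username, :userpass, :usercode)";
            $statement = $db->prepare($sql);
            $statement->bindValue(':username', $name, PDO::PARAM_STR);
            $statement->bindValue(':userpass', $password, PDO::PARAM_STR);
            $statement->bindValue(':usercode', $serial, PDO::PARAM_STR);
            $res = $statement->execute();
        }

        if ($res) {
            // Create the purchase register row for the new user.
            $select = $db->prepare("SELECT userId FROM users WHERE userName = :username");
            $select->bindValue(':username', $name, PDO::PARAM_STR);
            $select->execute();
            $userid = $select->fetchColumn();

            if ($userid !== false) {
                $sql = "INSERT INTO purchases(userId,purchases) VALUES(:userid, :purchases)";
                $statement = $db->prepare($sql);
                $statement->bindValue(':userid', $userid, PDO::PARAM_INT);
                $statement->bindValue(':purchases', "", PDO::PARAM_STR);
                $statement->execute();
            }

            $errTyp = "success";
            $errMSG = "Successfully registered!";

            // Clear the form value and drop the secrets from this scope.
            $name = '';
            unset($pass, $password);
        } else {
            $errTyp = "danger";
            $errMSG = "Something went wrong!";
        }
    }
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="pragma" content="no-cache">
<title>ALL FREE</title>
<link rel="icon" href="fav.png" type="image/x-icon"/>
<link rel="shortcut icon" href="fav.png" type="image/x-icon"/>
<link rel="stylesheet" href="assets/css/bootstrap.min.css" type="text/css" />
<link rel="stylesheet" href="assets/css/style.css" type="text/css" />
</head>
<body>
<?php include 'navbar.php';?>
<div class="container1">
    <div class="primback">
        <div class="adminpanel">
            <center><h1>Welcome</h1></center><br>
        </div>
        <?php include 'products.php';?>
    </div>
    <div class="formback">
        <div id="login-form">
            <form name="register" method="post" action="index.php" autocomplete="off">
                <div class="col-md-12">
                    <div class="form-group">
                        <center><h2 class="">Register</h2></center>
                    </div>
                    <div class="form-group">
                        <hr />
                    </div>
                    <?php
                    if ( isset($errMSG) ) {
                    ?>
                    <div class="form-group">
                        <div class="alert alert-<?php echo $escapeHtml($errTyp); ?>">
                            <span class="glyphicon glyphicon-info-sign"></span> <?php echo $escapeHtml($errMSG); ?>
                            <?php
                            // The recovery code is shown only when the account was
                            // actually created; the failure branch used to print it too.
                            if ( $errTyp === "success" ) {
                            ?>
                            <br>Save account recovery code: <br><?php echo $escapeHtml($serial); ?>
                            <?php
                            }
                            ?>
                        </div>
                    </div>
                    <?php
                    }
                    ?>
                    <div class="form-group">
                        <div class="input-group">
                            <span class="input-group-addon"><span class="glyphicon glyphicon-user"></span></span>
                            <input type="text" name="name" class="form-control" placeholder="Enter Name" maxlength="15" value="<?php echo $escapeHtml($name); ?>" />
                        </div>
                        <span class="text-danger"><?php echo $escapeHtml($nameError); ?></span>
                    </div>
                    <div class="form-group">
                        <div class="input-group">
                            <span class="input-group-addon"><span class="glyphicon glyphicon-lock"></span></span>
                            <input type="password" name="pass" class="form-control" placeholder="Enter Password" maxlength="32" />
                        </div>
                        <span class="text-danger"><?php echo $escapeHtml($passError); ?></span>
                    </div>
                    <div class="form-group">
                        <div class="input-group">
                            <span class="input-group-addon" id="basic-addon1"><img src="captcha.php" /></span>
                            <input type="text" name="captcha" class="form-control" placeholder="Enter Captcha" maxlength="5" />
                        </div>
                        <span class="text-danger"><?php echo $escapeHtml($captchaError); ?></span>
                    </div>
                    <div class="form-group">
                        <button type="submit" class="btn btn-block btn-primary" name="btn-signup">Sign Up</button>
                    </div>
                    <div class="form-group">
                        <hr />
                    </div>
                    <div class="form-group">
                        <a href="login.php">Login Here...</a>
                    </div>
                </div>
            </form>
        </div>
    </div>
</div>
</body>
</html>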